| Age | Commit message (Collapse) | Author |
|---|
|
* i18n: update translation for settings.json (Romanian)
* i18n: update translation for settings.json (French)
* i18n: update translation for settings.json (Spanish)
* i18n: update translation for settings.json (Arabic)
* i18n: update translation for settings.json (Czech)
* i18n: update translation for settings.json (Danish)
* i18n: update translation for settings.json (German)
* i18n: update translation for settings.json (Greek)
* i18n: update translation for settings.json (Finnish)
* i18n: update translation for settings.json (Italian)
* i18n: update translation for settings.json (Japanese)
* i18n: update translation for settings.json (Portuguese, Brazilian)
* i18n: update translation for settings.json (Dutch)
* i18n: update translation for settings.json (Norwegian)
* i18n: update translation for settings.json (Polish)
* i18n: update translation for settings.json (Portuguese)
* i18n: update translation for settings.json (Russian)
* i18n: update translation for settings.json (Swedish)
* i18n: update translation for settings.json (Ukrainian)
* i18n: update translation for settings.json (Norwegian Bokmal)
|
|
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
|
|
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
|
|
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
|
|
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
|
|
Add the ability for users to change their password from their user settings, without requiring them to use the reset password workflow. User's are required to create a elevated session in order to change their password. Users may not change their password to their current password. The user's current password is required for the password change. Users must follow any established password policies. Administrators are able to turn this feature off.
Closes #3548
|
|
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
|
|
Signed-off-by: Amir Zarrinkafsh <nightah@me.com>
|
|
(#8877)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
|
|
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
|
|
* feat: build from authelia/base base image
This change moves Authelia's base image from a musl based distro (alpine) to a glibc based custom image distro (chisel/ubuntu).
Signed-off-by: Amir Zarrinkafsh <nightah@me.com>
* feat: add mode=max image provenance attestations
Signed-off-by: Amir Zarrinkafsh <nightah@me.com>
* feat: index digest sha to from statement in provenance attestations
Signed-off-by: Amir Zarrinkafsh <nightah@me.com>
* feat: add reproducible metadata to provenance attestation
Signed-off-by: Amir Zarrinkafsh <nightah@me.com>
* feat: add sbom metadata to image manifest
Signed-off-by: Amir Zarrinkafsh <nightah@me.com>
* fix(suites): prevent race condition in ha mysql test
Signed-off-by: Amir Zarrinkafsh <nightah@me.com>
* refactor(suites): log to confirm when services are ready
Signed-off-by: Amir Zarrinkafsh <nightah@me.com>
* fix(suites): increase wait timer for mariadb ha test
Signed-off-by: Amir Zarrinkafsh <nightah@me.com>
---------
Signed-off-by: Amir Zarrinkafsh <nightah@me.com>
|
|
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
|
|
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
|
|
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
|
|
|
|
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
|
|
This adjusts the assets validations to only validate the asset overrides.
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
|
|
This includes all failures for passkeys as a logged attempt in the auth logs.
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
|
|
This adjusts the passkey logins to have a wholly unique metric.
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
|
|
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
|
|
* i18n: update translation for portal.json (Portuguese, Brazilian)
* i18n: update translation for portal.json (Romanian)
* i18n: update translation for portal.json (Spanish)
* i18n: update translation for portal.json (Czech)
* i18n: update translation for portal.json (Danish)
* i18n: update translation for portal.json (German)
* i18n: update translation for portal.json (Italian)
* i18n: update translation for portal.json (Dutch)
* i18n: update translation for portal.json (Norwegian)
* i18n: update translation for portal.json (Polish)
* i18n: update translation for portal.json (Portuguese)
* i18n: update translation for portal.json (Swedish)
* i18n: update translation for portal.json (Ukrainian)
* i18n: update translation for portal.json (Norwegian Bokmal)
|
|
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
|
|
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
|
|
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
|
|
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
|
|
* i18n: update translation for portal.json (Chinese Simplified)
* i18n: update translation for settings.json (Chinese Simplified)
|
|
|
|
Update the privacy policy acceptance message to use a placeholder-based approach that ensures consistent application branding across all language translations and add server-side validation to verify all translations maintain the required placeholders, preventing runtime issues with missing components.
Signed-off-by: Brynn Crowley <littlehill723@gmail.com>
|
|
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
|
|
This adds rate limits to the TOTP second factor endpoint, the Duo second factor endpoint, Session Elevation endpoint, and the Reset Password endpoint. This protection exists as several configurable tokenized buckets anchored to the users remote IP address. In the event the rate limit is exceeded by the user the middleware will respond with a 429 status, a Retry-After header, and JSON body indicating it's rate limited, which the UI will gracefully handle. This has several benefits that compliment the 1FA regulation, specifically in simple architectures it limits the number of SMTP sends a unique client can make, as well as the number of requests a particular client can make in general on specific endpoints where too many requests may indicate either a fault or some form of abuse.
Closes #7353, Closes #1947
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
|
|
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
|
|
This introduces a feature to the claims policy that allows merging the granted audience into the ID Token. This is not traditionally spec compliant but has some specific use cases.
Closes #8619
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
|
|
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
|
|
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
|
|
Fix test failing due to different call path on local systems vs buildkite.
Signed-off-by: Brynn Crowley <littlehill723@gmail.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
|
|
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
|
|
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
|
|
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
|
|
This adds an OLED tuned dark mode theme to the web frontend.
|
|
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
|
|
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
|
|
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
|
|
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
|
|
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
|
|
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
|
|
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
|
|
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
|
|
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
|
|
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
|
|
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.9 to 3.28.10.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0...b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
